|
Family: CGI abuses --> Category: infos
sdbsearch.cgi Vulnerability Scan
Vulnerability Scan Summary Acertains the presence of the sdbsearch.cgi
Detailed Explanation for this Vulnerability Test
The SuSE cgi 'sdbsearch.cgi' is installed.
This cgi allows a local (and possibly remote) user
to execute arbitrary commands with the rights of
the HTTP server.
Solution : modify the script so that it filters
the HTTP_REFERRER variable, or delete it.
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|